Your warranty is void. I'm not responsible if your device is hard bricked by using the procedure below. The method described below has been tested on 6039Y, 6039S, 6039H (with the archives for 6039Y) and 6039K (with the 6039S archive) and is confirmed that it works.
What to expect on successful completion:
- you will have access to the fastboot commands (removed by the latest upgrade).
- you should be able to check for OTA updates and to download them, but you will not be able to install them.
What's needed:
-------------------
1. I hate when I must say this ... but ... a Windows PC.
2. QPST version 2.7.422 (you can find it on the net as 2.7 build 422). This is a link to one such version (found through Google). If there are problems with this link please let me know. I will try to find another one (you can do it yourself too).
3. Drivers in order the device to be recognized when is in Download mode. Install Mobile Upgrade Q 4.8.7 the necessary drivers are installed with it. It can be downloaded from here.
4. The files from the archives below. Please use the archive which is especially for your device ... in theory if you use the archive for different device (e.g. the archive for 6039S on 6039Y (with the standard partitions)) you should have a repartitioned device at the end, and only the resize2fs command should be enough to start to utilize the whole memory chip ... but you will loose the possibility to sweat a little bit when do the repartitioning by following the guide for it .
- 6039Y (8GB stock partition sizes) (md5sum: 860789bedb63da5c5976c24825c29d47)
- 6039Y (repartitioned by following the repartitioning guide) (md5sum: c2f8ff3cfc683e46fbf5d797103de71b)
- 6039S (md5sum: dfd04067230b5709729c70cac61ffd52)
How to proceed:
--------------------
1. Install all the necessary software.
2. Unpack the downloaded archive for your device.
3. Power off the device. Connect it with the USB cable to the PC. Wait the battery symbol to disappear and hold both volume keys and the power button. You should see a red screen with a warning sign and a scheme. Then hold the volume up button. The display will stay lit but nothing will be shown on it from now on until the end of the procedure.
4. When the device is in Download mode under the windows device manager -> Ports (COM & LPT) you should see Android HS-USB QDLoader 9008 (COMXX)
5. Open the windows explorer and find the installation folder of QPST (mine is under Program Files (x86)\Qualcomm\QPST). From the bin sub-directory start QFIL as administrator.
6. In QFIL the COM port number as seen under the windows device manager should be selected automatically.
7. The rest must be done from QFIL:
- Programmer path: _____ - Click on the Browse button against it and from the extracted archive select prog_emmc_firehose_8916.mbn
- Search Path: _____ - if the path is not selected automatically after the programmer selection click on the Browse button against it and select the folder where the archive has been extracted.
- Load XML - click on it and first select rawprogram0.xml from the archive, then the patch0.xml file.
- Click on the Download button. The process should finish quickly (few seconds ... up to a minute). If everything is OK the phone will be restarted automatically and the fastboot commands will be available again.
(If you feel unsure to proceed or not but your device is already in download mode ... disconnect the USB cable and hold both volume keys and the power button to restart it).
Screenshots from QFIL is possible to be provided later ...
Reserved....
Alright I guess I'll be the guinea pig here.... Few questions beforehand:
I currently have the 6039Y version without having repartitioned... Using the repartitionned one would directly give me a repartitionned memory? Did I understand that correctly?
Did I dream about you saying that you might have a way to fix hard bricks? Because I might very well brick mine with my usual luck
About the updates... If there were any later OTA updates (I know it's unlikely) would there be a way to apply them still?
Rorshan said:
Alright I guess I'll be the guinea pig here.... Few questions beforehand:
I currently have the 6039Y version without having repartitioned... Using the repartitionned one would directly give me a repartitionned memory? Did I understand that correctly?
Did I dream about you saying that you might have a way to fix hard bricks? Because I might very well brick mine with my usual luck
Click to expand...
Click to collapse
In theory yes, but is untested. Yes, hard bricks should be fixable with these tools and with slightly different files. But as this requires a full copy of the memory chip and for the moment I have such copy only from my device, I can recover only my device (or others which will become the same as mine ... this means radio, languages, apps etc. ).
About the updates... If there were any later OTA updates (I know it's unlikely) would there be a way to apply them still?
Click to expand...
Click to collapse
Yes, but modified
Edit: What do I do here? I guess a missing font file shouldn't bother me, but still I'd like some advice here
Click to expand...
Click to collapse
No idea ... try with ignore. I didn't have have any problems with mobile upgrade q.
petrov.0 said:
In theory yes, but is untested. Yes, hard bricks should be fixable with these tools and with slightly different files. But as this requires a full copy of the memory chip and for the moment I have such copy only from my device, I can recover only my device (or others which will become the same as mine ... this means radio, languages, apps etc. ).
Yes, but modified
No idea ... try with ignore. I didn't have have any problems with mobile upgrade q.
Click to expand...
Click to collapse
Untested doesn't sound nice... I guess I'll go with the normal way and worry about the repartition afterwards.
I cancelled the install and reinstalled with no issue
I guess this is it. Either way I'll come here to cry, be it from joy or sadness/anger
---------- Post added at 07:46 PM ---------- Previous post was at 07:26 PM ----------
Well I'm done and my phone resetted just fine... I freaked for a minute when it took a bit longer than usual for my phone to pick up signal.
And......
fastboot -i 0x1bbb devices
48fee072 fastboot
Click to expand...
Click to collapse
I haven't tried TWRP yet since I don't really know what version I should be using... Any idea @petrov.0 ?
Rorshan said:
Untested doesn't sound nice... I guess I'll go with the normal way and worry about the repartition afterwards.
I cancelled the install and reinstalled with no issue
I guess this is it. Either way I'll come here to cry, be it from joy or sadness/anger
---------- Post added at 07:46 PM ---------- Previous post was at 07:26 PM ----------
Well I'm done and my phone resetted just fine... I freaked for a minute when it took a bit longer than usual for my phone to pick up signal.
And......
I haven't tried TWRP yet since I don't really know what version I should be using... Any idea @petrov.0 ?
Click to expand...
Click to collapse
For normal use (flashing) the latest from 12.09.2015. For the repartitioning boot with the one from the repartitioning thread.
Thanks! I will try it now!
EDIT:
It all works
petrov.0 said:
For normal use (flashing) the latest from 12.09.2015. For the repartitioning boot with the one from the repartitioning thread.
Click to expand...
Click to collapse
Alright TWRP seems to work fine, I'm doing backups at the moment. Thank you so much! You're such a lifesaver. Quick last question... I think I'm going to root and repartition. Does it matter at all which I do first?
Rorshan said:
Alright TWRP seems to work fine, I'm doing backups at the moment. Thank you so much! You're such a lifesaver. Quick last question... I think I'm going to root and repartition. Does it matter at all which I do first?
Click to expand...
Click to collapse
This question is for the other thread ... but no, it doesn't matter.
Do you feel its safe to test this on 6039s?
xStealth said:
Do you feel its safe to test this on 6039s?
Click to expand...
Click to collapse
Well good question. The files for the S have been generated only on the base of the partition numbers (not their names) and their sizes ... they look the same as those on the Y but ... I think it's safe.
xStealth said:
Do you feel its safe to test this on 6039s?
Click to expand...
Click to collapse
Can further confirm that this worked on my 6039S. No bricking, and fastboot works as promised!
A BIG thanks petrov.0!
Bradlee22 said:
Can further confirm that this worked on my 6039S. No bricking, and fastboot works as promised!
A BIG thanks petrov.0!
Click to expand...
Click to collapse
He already did this. Read the first line from the first post.
petrov.0 said:
He already did this. Read the first line from the first post.
Click to expand...
Click to collapse
Oh, right on. I wasn't sure who had confirmed it at that point. Thanks again for all your work on this!
Update
The link and the md5sum in the first post for the repartitioned 6039Y have been updated as one of the files was missing from the archive. Thanks @kkkk2222 for finding the error.
Worked a treat, fantastic work folks.
http://www.modaco.com/news/android/you-can-turn-your-8gb-idol-3-47-into-a-16gb-really-r1521/
Used Parallels on a Mac, no problem!
P
@petrov.0
For those who end up stuck in bootloops(on both 6039's and 6045's) with factory recovery is there a way this method could be used to either 1) flash twrp to the device or 2) force the device into bootloader?
If a user can get to bootloader (and has fastboot) then they could attempt to fix their own issue.
famewolf said:
@petrov.0
For those who end up stuck in bootloops(on both 6039's and 6045's) with factory recovery is there a way this method could be used to either 1) flash twrp to the device or 2) force the device into bootloader?
If a user can get to bootloader (and has fastboot) then they could attempt to fix their own issue.
Click to expand...
Click to collapse
1. Yes, it should be possible by using the same tools with different files. But if they flash their system image backup this will lead to a big mess ... they will have a partially upgraded device. Probably if they use the fix permissions option or force the reinstall of SuperSU from the recovery this will be the end of the bootloops (these are unconfirmed speculations though). I need the gpt table from the device (6045) to generate the necessary files.
Code:
dd if=/dev/mmcblk0 of=<path to the sd_card>/gpt.bin bs=512 count=34
2. No.
petrov.0, first of all - thx for your great work. I have a theoretical question about QFIL and partition flashing. Is it necessary to flash all of this partitions in rawprogram0.xml:
sbl1.mbn
rpm.mbn
tz.mbn
hyp.mbn
aboot.mbn
gpt_main0.bin
gpt_backup0.bin
For working fastboot we need only aboot (emmc_appsboot) from previous firmware version (or i'm wrong?), if we short rawprogram0.xml only for aboot and gpt, like this:
Code:
<?xml version="1.0" ?>
<data>
<!--NOTE: This is an ** Autogenerated file **-->
<!--NOTE: Sector size is 512bytes-->
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="aboot.mbn" label="aboot" num_partition_sectors="2048" physical_partition_number="0" size_in_KB="1024.0" sparse="false" start_byte_hex="0xc18c000" start_sector="396384"/>
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="aboot.mbn" label="abootbak" num_partition_sectors="2048" physical_partition_number="0" size_in_KB="1024.0" sparse="false" start_byte_hex="0xc28c000" start_sector="398432"/>
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="gpt_main0.bin" label="PrimaryGPT" num_partition_sectors="34" physical_partition_number="0" size_in_KB="17.0" sparse="false" start_byte_hex="0x0" start_sector="0"/>
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="gpt_backup0.bin" label="BackupGPT" num_partition_sectors="33" physical_partition_number="0" size_in_KB="16.5" sparse="false" start_byte_hex="(512*NUM_DISK_SECTORS)-16896." start_sector="NUM_DISK_SECTORS-33."/>
</data>
Phone doesn't brick after flashing?
p.s. And another one question. Do you know where the testpoint on 6039Y located? After several my experiments (not with your files, i was bricked it by myself i have bricked phone. There is no download mode (9008 com port not appears in my case), only turned on LED on front panel. Any actions with holding both volume buttons and power button doesn't get success, i think in this case testpoint will help. But i don't know where is it. If somebody need - i can attach photo of PCB.
petrov.0 said:
1. Yes, it should be possible by using the same tools with different files. But if they flash their system image backup this will lead to a big mess ... they will have a partially upgraded device. Probably if they use the fix permissions option or force the reinstall of SuperSU from the recovery this will be the end of the bootloops (these are unconfirmed speculations though). I need the gpt table from the device (6045) to generate the necessary files.
Code:
dd if=/dev/mmcblk0 of=<path to the sd_card>/gpt.bin bs=512 count=34
2. No.
Click to expand...
Click to collapse
Code:
/mmcblk0 of=/storage/sdcard1/gpt.bin bs=512 count=34 <
dd: /dev/mmcblk0: No such file or directory
Now a cat of /proc/partitions shows 179 0 15267840 mmcblk0 so I have no idea why it says it's not found. [I can confirm none of the mmc* are under /dev. I have a find running to see where it says it is.....ok..for us it's in /dev/block/mmcblk0 ]
Just drop .zip off the end of the name..it's not actually zipped but couldn't upload a .bin.
Related
Tweeks:
Camera Tweek (You need busybox installed for this), or you can unpack the zip and apply the patch manually/setting the permission corectly.
It will improve the overall video recording quality, by increasing the size limit cap of the video (old setting 600 Kb vs new 1200 Kb)
Custom Firmwares
Reserved
Recovery
CWM WITH ACCESS AT THE SYS_BOOT PARTITION ======>>>>> Bigger chance in bricking your device if you sleep while you flash something.
CWM NON TOUCH / NO ACCESS TO SYS_BOOT
Way to flash:
Version 1)
- enable usb debugging
- install adb drivers
- use the command adb reboot bootloader
- use the command fastboot flash recovery recovery.img
Version 2)
- shut down the phone
- press the volume key minus and power key
- use the command fastboot flash recovery recovery.img
Do not forget to unpack the zip files.
Please have in mind that with the no_sys CWM, you cannot restore the phone to stock using an official update.
Unbricking
Copied from here
Here's a small tutorial for people who bricked their phone while formatting the sys_boot partition in CWM Recovery. When you format that partition, nothing works except a screen shows up saying "RESET FOR ENTRY QPST DOWNLOAD". This screen is also known as the Qualcomm Diagnostic Mode.
Requirements:
A linux distribution (Ubuntu)
sys_boot.img (https://docs.google.com/file/d/0BxJJu-wXKdltTE90SGtEMmFQZHM/edit)
Follow the steps to restore the sys_boot partition:
1. Connect your phone to a pc using the cable
2. Install the drivers if necessary:
https://dl.dropboxusercontent.com/u/17562266/USB Modem Driver.rar
3. Open your terminal
4. Type "lsblk" (without the quotes).
You should see a list, showing every connected disk and partition. Look for a partition with a size around 50M. This is the partition we need, so remember the corresponding name under the 'NAME' column. It can be "sdc", "sdd" or "sde" followed by a number.
5. Cd to the directory you placed sys_boot.img in
cd [filename]
6. Type "sudo dd if=/dev/NAME of=sys_boot.img bs=512
Replace NAME with the name you got from lsblk, and press enter.
The output should look something like this:
3959420000 bytes (3866621 KB) copied, [ time spent], [KB/s]
7. Remove the cable from your device, do a battery pull and try to boot your device
Normally, it should boot correctly. If you formatted the /system partition too, you have to get into recovery mode by holding the upper volume button while booting, until a red screen appears.
If you have any questions, or if this doesn't work for you – let me know in the comments.
Thanks a lot to Adonis K. and globula_neagra for the sys_boot image and pointing me in the right direction.
Credits to DieterHolvoet from arctablet for putting it together.
THX! Much appreciated!
I own this device since today and you Sir made me very happy with your cwm and ability to root.
---------- Post added at 08:19 PM ---------- Previous post was at 07:42 PM ----------
I can confirm. Touchversion of CWM does not work.
File for non-touch CWM seems the same as touch btw. Could you please fix the link? Thx!
Yes, the touch version doesn't work.
The no-touch no-sys version works fine.
Here is the link for the no-touch/no-sys version (taken from the arctablet forums): http://globula.arctablet.com/ARCHOS_50_PLAT/CWM_A50_Plat_NoTouch_No_SYS.img.zip
globula must have misstyped it
IN CWM I cannot mount the sdcard. So I can't install any Zip-Files this way
Nash123 said:
IN CWM I cannot mount the sdcard. So I can't install any Zip-Files this way
Click to expand...
Click to collapse
I will fix these issues tomorrow.
Thank you!
GEN 11 ?
cajl said:
GEN 11 ?
Click to expand...
Click to collapse
Yes the Archos 50/53 Platinum and Archos 80 Xenon are Generation 11
NO !
it will be announced at IFA and I would see in Berlin
cajl said:
NO !
it will be announced at IFA and I would see in Berlin
Click to expand...
Click to collapse
I could try to convince you that they are Gen11, but you will have to trust me, the update page does not lie.
OK Archos 53 also ...
Anyone know if it's possible to partition the internal memory and internal sdcard together? I'm getting really low in internal space intended for app installations (180mb left, getting insufficient space errors)
Updated the third post with a new touch cwm, test version, i don`t have a platinum to test it.
Adonis, i don`t think is possible, tough you can use directory binder
I need some help with some file from the Archos 50 Platinum, I want to test if the phone function works on Archos 80 Xenon (it should in theory as this is not the first tablet made by Archos/Arnova that has a crippled phone function, my 7C G3 is capable if doing/receiving phone calls)
Hmmm, i see. In my previous phone the developers found a way to repartition the device and play around with them so we could balance the phone and internal memory to our advantage. Could really use the /storage/sdcard1 as part of my /data and /system partitions.
http://i.imgur.com/MJkdLS9.png
Never heard of directory binding, is it like symlinking?
I will test touch version in a few mins, gotta watch something first.
edit: Nope, touch still not working. Same results as the previous one.
Adonis K. said:
Hmmm, i see. In my previous phone the developers found a way to repartition the device and play around with them so we could balance the phone and internal memory to our advantage. Could really use the /storage/sdcard1 as part of my /data and /system partitions.
http://i.imgur.com/MJkdLS9.png
Never heard of directory binding, is it like symlinking?
I will test touch version in a few mins, gotta watch something first.
edit: Nope, touch still not working. Same results as the previous one.
Click to expand...
Click to collapse
Then it will be no touch for the moment, tough is strange, on the Archos 80 Xenon is working fine.
Not having the phone is a big impediment for me to test things, and I have the Xenon only till 28`th, so this is my main platform for testing for now (identical spec with the 50 Plat, even the partition layout is identical , that`s why i believe that the phone function should work)
I will do another try with the touch version from the Xenon in the next days, maybe with will work with that one.
Yes, the directory binding is the same as simlinking
Does anyone know a fix for the incompatability with older routers? (Non Wifi-N support).
Sorry for the OT btw.
Edit: Second question. How do I revert back to stock firmware or stock mode [without root and CWM-recovery]? I used the non_sys-version.
Edit2: Tomorrow I will flash original firmware. Hopefully the alterations will be gone.
Nash123 said:
Does anyone know a fix for the incompatability with older routers? (Non Wifi-N support).
Sorry for the OT btw.
Edit: Second question. How do I revert back to stock firmware or stock mode [without root and CWM-recovery]? I used the non_sys-version.
Edit2: Tomorrow I will flash original firmware. Hopefully the alterations will be gone.
Click to expand...
Click to collapse
I think you will need the sys_boot recovery for that, or the stock one, the non_sys boot will not allow you to flash stock firmware.
hi, tried to search everywhere but to no avail soo far.. does anyone knows if there is an existing root guide for LG G4 Beat? its sort of a diff model but there's no sub for it so i guess ill put it at here since its still under G4 family.. :/
Do you have Android 5.0 or 5.1 installed?
First of all. Before you start to try root, download the kdz file for your phone.
The kdz is needed if something went wrong (e.g. phone not booting).
You can use the LG Flash Tool to flash the kdz to a bricked phone.
Use this link with your IMEI:
Code:
http://csmg.lgmobile.com:9002/csmg/b2c/client/auth_model_check2.jsp?esn=IMEI
If it works, please post the download link for the "kdz".
Or better post the output too, but delete your IMEI!
Your link will only work if you type:
csmgdl.lgmobile.com/dn/downloader.dev?fileKey=
and then add the rest of your url instead of the given link.
It's worth trying. You need to get a partition layout. Then @autoprime will give a full command to run in DL mode for dumping the system image, and flashing it once it's been injected with root. I can inject it for you once you have the system.img dump.
I wrote an guide how you can extract the GPT and calculate the dd parameters:
[How to] Determine dd Parameters For All LG G4 Models
http://forum.xda-developers.com/g4/h...lg-g4-t3184867
Do you know how to work with linux?
Please post the outputs of gdisk into a HIDE and CODE tag. Thank you.
Maybe you are a advanced user and can Inject root yourself with the autoroot.sh method (Inject_Root_G4.zip)?
Or do you need help?
I think you have Android 5.1.1 installed, so it is not possible to use Kingroot to root your device. Is that right?
dominik-p said:
I wrote an guide how you can extract the GPT and calculate the dd parameters:
[How to] Determine dd Parameters For All LG G4 Models
http://forum.xda-developers.com/g4/h...lg-g4-t3184867
Do you know how to work with linux?
Click to expand...
Click to collapse
Wow, thanks for that guide! I've been trying to figure out how to find the right dd params forever.
tabp0le said:
Wow, thanks for that guide! I've been trying to figure out how to find the right dd params forever.
Click to expand...
Click to collapse
Pleasure.
I think some people also knew how to do it, but no one wanted to write a guide.
AND ALWAYS CONSIDER:
You can brick your phone if you don't know what you are doing.
Backup your files before you change anything.
i think i got the link for the KDZ.. but when i
dominik-p said:
Do you have Android 5.0 or 5.1 installed?
First of all. Before you start to try root, download the kdz file for your phone.
The kdz is needed if something went wrong (e.g. phone not booting).
You can use the LG Flash Tool to flash the kdz to a bricked phone.
Use this link with your IMEI:
[CODEcsmg.lgmobile.com:9002/csmg/b2c/client/auth_model_check2.jsp?esn=IMEI[/CODE]
If it works, please post the download link for the "kdz".
Or better post the output too, but delete your IMEI!
Your link will only work if you type:
csmgdl.lgmobile.com/dn/downloader.dev?fileKey=
and then add the rest of your url instead of the given link.
Click to expand...
Click to collapse
ok i think i did it correctly.. heres the link
downloader.dev?fileKey=FWDEYI0132FMAUI263CCLO1/H73510b_00.kdz (had to cut it short cuz forum would not let me post new link :/ csmgdl.lgmobile.com/dn/ was before 'downloader')
heres the output file..
<response req_cmd="auth_model_check" status="OK">
<auth_model_check><result>OK</result>
<esn>-----MYIMEI----</esn>
<model>LGH735</model><suffix>ASEATS</suffix><msn>508KPUU032390</msn><esn_date/>
<sw_version>H73510B_00</sw_version>
<sw_url>fileKey=FWDEYI0132FMAUI263CCLO1/H73510b_00.kdz</sw_url> pkg03.lime.gdms.lge.com/dn/downloader.dev?
<sw_locale_url/><sw_recommand_uri/><app_version/><app_url/>
<cs_em_flag>N</cs_em_flag>
<cs_em_uri>N</cs_em_uri>
<chip_type>EG</chip_type>
<prod_type>2</prod_type>
<buyer>SEA</buyer>
<file_name>H73510b_00.kdz</file_name>
</auth_model_check></response>
and yes its 5.1..
would be nice if theres a step by step guide cuz last phone i tired rooting was prolly galaxy tab and it was wayy easier :/
Ok, well done. Is 10b the same version as currently installed on your device?
Some other details would be interesting:
Do you have an unbranded device?
Where did you buy it / where do you live? (country)
Are you an advanced user? Do you know how to work with linux?
The next steps will be:
Calculate your dd parameters and backup your system partition into a img file. Read my guide:
[How to] Determine dd Parameters For All LG G4 Models
http://forum.xda-developers.com/g4/h...lg-g4-t3184867
Please post the outputs of gdisk into a HIDE and CODE tag.
Post your calculated dd parameters, so that we can verify it.
IMPORTANT: Keep the original (unchanged) system.img on your computer (zip it).
Then:
Copy the img file to a linux system and mount it. Create a testfile (test.txt) on the mounted system partition.
Copy the img file back to your phone and try to "dd" it back over your system partition.
Check if you see the testfile on your system partition.
If that worked you have successfully overwritten your system partition.
Then:
Try to inject root with the Inject_Root_G4.zip on your linux system.
Copy the new img file to your phone and "dd" it over your system partition.
Please ask if you are not 100% sure what to do.
You are responsible for what you are doing with your device.
Backup all your data (photos, videos, messages...) before going one step further.
dominik-p said:
Ok, well done. Is 10b the same version as currently installed on your device?
Some other details would be interesting:
Do you have an unbranded device?
Where did you buy it / where do you live? (country)
Are you an advanced user? Do you know how to work with linux?
The next steps will be:
Calculate your dd parameters and backup your system partition into a img file. Read my guide:
[How to] Determine dd Parameters For All LG G4 Models
http://forum.xda-developers.com/g4/h...lg-g4-t3184867
Please post the outputs of gdisk into a HIDE and CODE tag.
Post your calculated dd parameters, so that we can verify it.
IMPORTANT: Keep the original (unchanged) system.img on your computer (zip it).
Then:
Copy the img file to a linux system and mount it. Create a testfile (test.txt) on the mounted system partition.
Copy the img file back to your phone and try to "dd" it back over your system partition.
Check if you see the testfile on your system partition.
If that worked you have successfully overwritten your system partition.
Then:
Try to inject root with the Inject_Root_G4.zip on your linux system.
Copy the new img file to your phone and "dd" it over your system partition.
Please ask if you are not 100% sure what to do.
You are responsible for what you are doing with your device.
Backup all your data (photos, videos, messages...) before going one step further.
Click to expand...
Click to collapse
what do u mean 10b?
not really unbranded i guess? its a mid-tier version of the LG G4.. this is the phone.. http://www.lg.com/sg/mobile-phones/lg-G4-Beat
dont think its out at the US yet
bought it at Singapore as i recontacted my phone
nope i dont know how to use linux and im %100 not sure what to do :crying:
Ok so you are not a advanced user?
10b is the version of the kdz file. Goto Settings->Phone info->software version on your phone and post your software version.
First of all: It is not possible to root your phone without linux!
You don't have to install a linux on your computer (physically) but at least in an virtual environment (virtualbox, vmware player) or as a live distribution.
What you can do without linux is try to extract the GPT.
Which OS is installed on your computer (Win 7, 8, 10)?
Download the LG_Root.zip from
http://forum.xda-developers.com/android/development/guide-root-method-lg-devices-t3049772
It contains the Send_Command.exe
You need this tool to open a special console when your phone is in download mode.
Do you know this tool and how to enter the download mode?
dominik-p said:
Ok so you are not a advanced user?
10b is the version of the kdz file. Goto Settings->Phone info->software version on your phone and post your software version.
First of all: It is not possible to root your phone without linux!
You don't have to install a linux on your computer (physically) but at least in an virtual environment or as a live distribution.
What you can do without linux is try to extract the GPT.
Which OS is installed on your computer (Win 7, 8, 10)?
Download the LG_Root.zip from
http://forum.xda-developers.com/android/development/guide-root-method-lg-devices-t3049772
It contains the Send_Command.exe
You need this tool to open a special console when your phone is in download mode.
Do you know this tool and how to enter the download mode?
Click to expand...
Click to collapse
no im not an advanced user..
its software version is : V10b-SEA-XX
so i guess its a 10b?
im using windows 7 right now
Yes you have 10b installed now.
The XX means that it is unbranded.
SEA means southeast asia.
Win 7 is fine. Send_Command will work.
Download the zip from the above-mentioned thread.
Then:
Power off your device
When the device is powered off, hold volume up and insert a USB cable connected to the PC
Wait for the drivers to install
Click to expand...
Click to collapse
and follow the steps 7-9.
dominik-p said:
Yes you have 10b installed now.
The XX means that it is unbranded.
SEA means southeast asia.
Win 7 is fine. Send_Command will work.
Download the zip from the above-mentioned thread.
Then:
and follow the steps 7-9.
Click to expand...
Click to collapse
so i just download it, put it at desktop and skip all the methods till 6-9? do i have to enable developer mode before doing it?
No you don't need developer mode.
But it is no problem if you enabled it.
Are you able to open the console with Send_Command.exe?
dominik-p said:
No you don't need developer mode.
But it is no problem if you enabled it.
Are you able to open the console with Send_Command.exe?
Click to expand...
Click to collapse
i opened send_command.exe but it just closes back.. mine is at COM1 but idk how to change it
Update: it says NOTE: Do not attempt this on devices with 5.1.1 , at the time this method was posted it worked on many firmware 5.0.2 should i still go for it? im using 5.1.1
We won't follow the guide. We will do it like here:
http://forum.xda-developers.com/g4/orig-development/root-tmo-vzw-intl-variants-soon-root-lg-t3164765
(You will also find the thread is linked there.)
The thread is just a good help for the Send_Command tool.
You don't have to change the COM port.
Are you in download mode? Do you see the "Firmware Update" screen?
Use the ports.bat and note the "netdiag" COM port.
Inside of LG_Root folder hold shift and right click a blank space you should see "Open command window here"
Click to expand...
Click to collapse
Then enter:
Code:
Send_Command.exe \\.\COM#
Replace # with your number.
dominik-p said:
We won't follow the guide. We will do it like here:
http://forum.xda-developers.com/g4/orig-development/root-tmo-vzw-intl-variants-soon-root-lg-t3164765
(You will also find the thread is linked there.)
The thread is just a good help for the Send_Command tool.
You don't have to change the COM port.
Are you in download mode? Do you see the "Firmware Update" screen?
User ports.bat and note the "netdiag" COM port.
Then enter:
Code:
Send_Command.exe \\.\COM#
Replace # with your number.
Click to expand...
Click to collapse
Yup its in download mode i have the firmware update on my screen.. still to no avail i also installed LG driver and restarted.. opened send_command.exe it just closes back
or do i just enter the script after the # after special command? at because im now at this part http://i.imgur.com/fre9Z9l.png just that when i double-click send command it just closes back
dreamnoob said:
Yup its in download mode i have the firmware update on my screen.. still to no avail i also installed LG driver and restarted.. opened send_command.exe it just closes back
or do i just enter the script after the # after special command? at because im now at this part http://i.imgur.com/fre9Z9l.png just that when i double-click send command it just closes back
Click to expand...
Click to collapse
are you opening send command from the command prompt?
Do NOT double click on the Send_Command.exe
READ again:
Inside of LG_Root folder hold shift and right click a blank space you should see "Open command window here"
Click to expand...
Click to collapse
Then enter "Send_Command.exe \\.\COM#"
dominik-p said:
Do NOT double click on the Send_Command.exe
READ again:
Then enter "Send_Command.exe \\.\COM#"
Click to expand...
Click to collapse
oh okay means im on the right path..
so now i just do this as follows?
Type "id" and press enter (no quotes).
You should get back some text starting with "uid=(0)root gid=(0)root". If not, press CTRL-C, and do step 9 again (the application sometimes doesn't respond on the first command).
Run the command specified in the section below titled 'Commands to Run' to flash the rooted system image.
After a few minutes of sitting, you should get back a "#" prompt. This indicates the process has finished.
Type "LEAVE" (no quotes) and press enter. Your phone should reboot, and your phone will be rooted.
Hey guys,
It seems more and more people are receiving the new version of the P8000:
- Stock Android 6
- New fingerprint scanner that is moved slightly higher and is able to unlock phone from screen-off (I confirm this is working)
- Sim 2 is combined with the micro-sd (I haven't tried whether you can have them both in at the same time)
- Somethings new about the display, since people are reporting errors with it after flashing older roms.
Warning: do NOT flash other roms. We have no way to unbrick the soft bricks yet!
---
Other topics that refer to this version:
http://forum.xda-developers.com/elephone-p8000/general/rom-p8000-t3431571
http://forum.xda-developers.com/elephone-p8000/help/stock-rom-p8000b-t3434477
http://forum.xda-developers.com/elephone-p8000/general/p8000-version-announced-t3346848
---
For development:
- The phone does not come pre-rooted. We have no way to flash custom recovery yet. Any tips for getting root? I've tried such tools as Kingo and vRoot, they don't work.
- We need the blocks file (scatter file) for SP Flash Tools. MTKDroidTools reports "unknown rom structure". Any help? Would love to start working on this.
Looking forward to hearing from others who have this version/who can help me with these questions.
Thanks!
Emile
Nice! Can you provide a dump from /system and /boot maybe?
BlueFlame4 said:
Nice! Can you provide a dump from /system and /boot maybe?
Click to expand...
Click to collapse
I would, if I knew how to. Any pointers?
Emileh said:
I would, if I knew how to. Any pointers?
Click to expand...
Click to collapse
Sure thing. On a rooted device, go into adb shell.
Then use "mount" command to check which partitions are mounted. One should be "/dev/block/platform/mtk-msdc.0/by-name/system" or similar. Use "dd if=/dev/block/platform/mtk-msdc.0/by-name/system of=/storage/emulated/0/system.img bs=1M" to dump the system to the internal sdcard to the file "system.img". If adb complains that bs=1M is an invalid option, try again without that one. A system dump can take some time where you will not get any feedback, so be patient there
Do the same for boot. So "/dev/block/platform/mtk-msdc.0/by-name/boot" should be the way to go for the path. I cannot tell the definite pathes on Android 6.0 but I am rather sure they are more or less like this.
If you run into troubles, just ask
BlueFlame4 said:
Sure thing. On a rooted device, go into adb shell.
Then use "mount" command to check which partitions are mounted. One should be "/dev/block/platform/mtk-msdc.0/by-name/system" or similar. Use "dd if=/dev/block/platform/mtk-msdc.0/by-name/system of=/storage/emulated/0/system.img bs=1M" to dump the system to the internal sdcard to the file "system.img". If adb complains that bs=1M is an invalid option, try again without that one. A system dump can take some time where you will not get any feedback, so be patient there
Do the same for boot. So "/dev/block/platform/mtk-msdc.0/by-name/boot" should be the way to go for the path. I cannot tell the definite pathes on Android 6.0 but I am rather sure they are more or less like this.
If you run into troubles, just ask
Click to expand...
Click to collapse
Thank you for your great instructions! The problem is that we've yet to achieve root on this device. We don't have a custom recovery for this version of the P8000 yet and other 'standard' methods of rooting don't work for me.
(I'm pretty solid in shell, so I'll do this afterwards, but I guess root is actually the first step).
// Edit to say: it does not come pre-rooted
Since the elephone support on facebook didn't realize there are two different versions of the P8000 available, I still need a ROM to unbrick my phone.
flo1k said:
Since the elephone support on facebook didn't realize there are two different versions of the P8000 available, I still need a ROM to unbrick my phone.
Click to expand...
Click to collapse
Ok, we know that, but doesn't really help us
Can you write them an e-mail?
I will do
Edit: OK, see if there will be an answer.
Thank you flo1k!
I have e-mailed as well, and would like to post on the Elephone forum, but don't seem to have access (because of minimum post count, I guess)
Anyone willing to ask for a ROM for the new P8000 on the forum there?
ROM Dump
@BlueFlame4
I can provide ROM dump in two versions:
1) a dump from adress 0000 0000 to 9d80 0000 (apr. 2.5 GB in one file)
2) a readback generated with the scatter.txt of the 'old' 5.1 stock ROM (apr. 2.8 GB seperated in 23 files)
FrauHofrat said:
@BlueFlame4
I can provide ROM dump in two versions:
1) a dump from adress 0000 0000 to 9d80 0000 (apr. 2.5 GB in one file)
2) a readback generated with the scatter.txt of the 'old' 5.1 stock ROM (apr. 2.8 GB seperated in 23 files)
Click to expand...
Click to collapse
The second choice looks promising
Maybe a stupid question
where shall I upload the files - any preferred webspace?
I'm uploading the files - because they contain my NVRAM I send the link as PM as soon as the upload is finished
FrauHofrat said:
Maybe a stupid question
where shall I upload the files - any preferred webspace?
I'm uploading the files - because they contain my NVRAM I send the link as PM as soon as the upload is finished
Click to expand...
Click to collapse
Are you sure we're talking about the same version of the P8000? Cause as far as I know there isn't 5.1 available for this version... Right?
Just checking thank you for your help in any case!! Really looking forward to it.
// edit: ah, you just used the old scatter file. But does that one work for this version?
Emileh said:
Are you sure we're talking about the same version of the P8000? Cause as far as I know there isn't 5.1 available for this version... Right?
Click to expand...
Click to collapse
No, there is only one Firmware available - the mysterious P8000_6.0_20160516.
Btw, this Phone contains a new mainboard model "K06TS-L-V2.0.3" - the 'old' mainboard is moder "K05T...."
// edit: ah, you just used the old scatter file. But does that one work for this version?
Click to expand...
Click to collapse
No, it doesn't work resp. the phone boots with this firmware, but the LCD-driver is the wrong one - the display only shows coloured lines and blurry spots. And there are probabely some more bugs ....
FrauHofrat said:
No, there is only one Firmware available - the mysterious P8000_6.0_20160516.
Btw, this Phone contains a new mainboard model "K06TS-L-V2.0.3" - the 'old' mainboard is moder "K05T...."
No, it doesn't work resp. the phone boots with this firmware, but the LCD-driver is the wrong one - the display only shows coloured lines and blurry spots. And there are probabely some more bugs ....
Click to expand...
Click to collapse
But if the phone boots with the firmware, doesnt that mean that the scatter file of the regular P8000 works? Since it flashes the firmware correctly.
The problem is that I was not able to flash the 'readback files' to the faulty phone.
When selecting 'Only Download' at SP-Flashtool I got the error "PMT... must be download"
When selecting 'Firmware Upgrade" I got some BROM error code
In both cases I used the same scatter,txt which I used to 'readback' the firmware from the working phone
Actually I have to correct my statement in post #15:
I flashed the faulty phone with the last 5.1 stock ROM (160711) - with this stock ROM the phone boots up but LCD (and probably more things) is not working.
I have actually gotten alot further
You have the use the scatter.txt from Android 6.0, which works perfectly fine. I have been able to extract boot.img, system.img and recovery.img that way (using Readback in SP Flash Tools)
Which ones do you need?
They probably flash fine (only thing I've flashed so far are custom recoveries, and although my ported PhilZ starts, I havent gotten it to mount anything.)
A little warning: don't use anything that has anything to do with Android 5.1. Those scatter files don't work
These are great news!
"Which ones do you need?"
Probably all of them
Ok this contains the scatter file, preloader, system.img, boot.img and stock recovery.img
https://ehaffmans.stackstorage.com/index.php/s/uKGKCir0BociydU
You need SP Flash Tools v5, select the scatter file first, then deselect everything, and only select these 4 and manually select the correct files.
Btw, the name of the preloader file is wrong, don't worry. It came from this phone
I am of course not responsible for anything!
Can you guys please confirm this doesn't contain anything personal? Like personal files or IMEI or something. Thanks!
Maybe we all faced xiaomi bootloader unlocking problems sometimes.We tried many ways to unlock it but failed. Or maybe we have a second-hand Redmi 3S with account locked.Then,there is a brand new way to unlock it.
If you can unlock your phone ,DONT try this method
Instead of using miflashunlock tool,we'll try to crack the aboot (emmc_appsboot.mbn) partition on our phone. But we don't have permission to write any system partition without unlocking.So we need to get the permission first.
The easiest way to get it is to boot your phone into Qualcomm 9008 EDL mode.This mode is integrated into the SoC so we always will be able to enter it.BUT Xiaomi has taken some actions to block it:crying:.So we do need to have a try.
The first and easiest way to enter 9008 is to reboot your phone into fastboot ,then type 'fastboot oem edl'. If this way doesn't work ,try the second way.
Second way:A 'Xiaomi Deep Flash Cable' is needed.You could buy it or diy it.(If you want to diy,just cut open a microusb cable,the you see four wires.Cut open the green one and the black one .Then screw together the four copper wire.)
Fully shut your phone down and use the cable to connect phone&PC.Nothing seemed to happen,but now your phone is under 9008. Then use a normal cable to connect.You will hear the computer installing a new device.
Third way: (Not recommended) Open the back of the phone ,tear the shell on the main circuit board down.Then you will see two copper points . Use a wire or tweezer to connect them. Then hold on,use your second hand to connect a USB cable(normal,not deep flash cable).
After booting into 9008 mode,you need to install the drivers of 9008 . Install this miflash .
https://drive.google.com/uc?id=0Byw7MVzb0VBXUnhFcmZmdWFaQkU&export=download
Open miflash and you will see a com port (it's your device).If not check device manager .Install the drivers properly.
Then, everything is ready.
Download and extract the package below.
https://drive.google.com/uc?id=0Byw7MVzb0VBXZUctUFYzb1BrSGM&export=download
An 'unlock' folder will be created and the unlocked version of bootloader is placed in. Then choose the folder in miflash. Click the flash button.It will be done in a few seconds.After it displayed 'Success',hold phone's power button for 15sec until it reboot. Maybe your device will stuck at logo.But don't worry. Just hold power and volume- together for 15sec until it enters fastboot.
Then the most amazing thing will happen!
Type 'fastboot oem unlock' on the computer .
Then you will see a UNLOCKING warning on the phone screen,it looks like Nexus's.Use your volume key and choose Yes. Phone reboots, stuck at logo again. But now everything is done. Just re enter fastboot and flash a custom recovery.
(Because the unlocking will wipe data using recovery, I have made an action in the 9008 flash package to erase the recovery partition to prevent losing data.)
After all, your phone has fully unlocked.So doing anything is easy.
BUT one con.You can't upgrade bootloader. But any firmware partition update will update it. So when you are flashing any zip file,you need to delete firmware-update/emmc_appsboot.mbn in the zip first. You can't use MIUI OTA.
Before 9008 Driver installation read this: https://www.top-password.com/blog/how-to-disable-driver-signature-enforcement-in-windows-10-8-7/
Without this setting, the driver can not be installed.
Use an 64bit Win 7 or 10 for Miflash.
Such a long process. It took just one click to unlock BL using official method
fastboot oem edl
command just working with MIUI v7 stable, if you come with MIUI v8. It'll not work
Can I use it for all xiaomi phones or is it only for redmi 3s
Aamirsingh said:
Can I use it for all xiaomi phones or is it only for redmi 3s
Click to expand...
Click to collapse
Land only.
sunny54_8 said:
Such a long process. It took just one click to unlock BL using official method
Click to expand...
Click to collapse
but it is causing problem at 99% it shows that my device is not bound to mi account
but ive done it in developer option still it is not unlocking
I also had faced this problem but after knowing that I had two accounts So I tried with other one and it worked
Sounds too simple but I want to know if it really works I mean if anyone has tried it or not
Aamirsingh said:
Sounds too simple but I want to know if it really works I mean if anyone has tried it or not
Click to expand...
Click to collapse
Of course .I unlocked my phone in this way.
fxsheep said:
Of course .I unlocked my phone in this way.
Click to expand...
Click to collapse
Then I am probably going to unlock my Redmi 3s prime this way and I will also try to post this video on YouTube
---------- Post added at 02:53 PM ---------- Previous post was at 02:52 PM ----------
Aamirsingh said:
Sounds too simple but I want to know if it really works I mean if anyone has tried it or not
Click to expand...
Click to collapse
Hey thanks for quick response
Anyone else tried this ?
---------- Post added at 18:03 ---------- Previous post was at 17:56 ----------
Install the drivers properly.
What drivers are required ? If computer does not automatically install them.
---------- Post added at 18:03 ---------- Previous post was at 18:03 ----------
Install the drivers properly.
What drivers are required ? If computer does not automatically install them.
Worked perfectly. Thanks
I can confirm it worked perfectly. There is one referenced file missing but I made it work by doing these changes:
remove all <program lines except ones mentioning aboot and aboot_bak from rawprogram0.xml
remove all <patch tags from patch0.xml
So it's fine to just program aboot and aboot_bak (bootloader). No other programming/patching seem to be necessary.
kex1xik said:
I can confirm it worked perfectly. There is one referenced file missing but I made it work by doing these changes:
remove all <program lines except ones mentioning aboot and aboot_bak from rawprogram0.xml
remove all <patch tags from patch0.xml
So it's fine to just program aboot and aboot_bak (bootloader). No other programming/patching seem to be necessary.
Click to expand...
Click to collapse
Basically need to remove those tags only?
---------- Post added at 01:14 PM ---------- Previous post was at 12:24 PM ----------
hiimpig1 said:
fastboot oem edl
command just working with MIUI v7 stable, if you come with MIUI v8. It'll not work
Click to expand...
Click to collapse
What does this means?
---------- Post added at 01:15 PM ---------- Previous post was at 01:14 PM ----------
babaarpit said:
Worked perfectly. Thanks
Click to expand...
Click to collapse
What did i do when u successful flashed the files ?
Exactly. I modified it this way:
rawprogram0.xml:
Code:
<?xml version="1.0" ?>
<data>
<!--NOTE: This is an ** Autogenerated file **-->
<!--NOTE: Sector size is 512bytes-->
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="emmc_appsboot.mbn" label="aboot" num_partition_sectors="2048" physical_partition_number="0" size_in_KB="1024.0" sparse="false" start_byte_hex="0x18000000" start_sector="786432"/>
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="emmc_appsboot.mbn" label="abootbak" num_partition_sectors="2048" physical_partition_number="0" size_in_KB="1024.0" sparse="false" start_byte_hex="0x18100000" start_sector="788480"/>
</data>
patch0.xml:
Code:
<?xml version="1.0" ?>
<patches>
</patches>
and flashed the folder using MiFlash.exe with phone in EDL mode. I was able to enter edl mode by just doing "fastboot oem edl" from standard fastboot xiaomi screen.
Maybe patch0.xml can be deleted completely, I don't know but I kept it.
After flashing this aboot and booting into fastboot again, I was able to do "fastboot oem unlock-go" to unlock the bootloader without waiting for Xiaomi to give me approval or bothering with their stupid one unlock per 3 day policy (error "After 72 hours of trying to unlock the device").
I did this successfully on a new Xiaomi 3s Prime 3GB I bought from eBay.
What did i do when u successful flashed the files ?
Click to expand...
Click to collapse
I didnt use these files. I researched some more and used files from Here (XiaomiFirmware dot com)
The method is more or less the same just the files are different
First step involved mi flash tool using these files :
dummy.img
emmc_appsboot.mbn
patch0.xml
prog_emmc_firehose_8937_ddr.mbn
rawprogram0.xml
All these are diff from ones linked in OP
Update : I checked and the two xml files are same as you modified
Code:
<?xml version="1.0" ?>
<data>
<!--NOTE: This is an ** Autogenerated file **-->
<!--NOTE: Sector size is 512bytes-->
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="emmc_appsboot.mbn" label="aboot" num_partition_sectors="2048" physical_partition_number="0" size_in_KB="1024.0" sparse="false" start_byte_hex="0x18000000" start_sector="786432"/>
<program SECTOR_SIZE_IN_BYTES="512" file_sector_offset="0" filename="emmc_appsboot.mbn" label="abootbak" num_partition_sectors="2048" physical_partition_number="0" size_in_KB="1024.0" sparse="false" start_byte_hex="0x18100000" start_sector="788480"/>
</data>
**and**
<?xml version="1.0" ?>
<patches>
</patches
Next step required modified adb, fastboot i think
Code:
fastboot.exe devices
fastboot.exe oem unlock-go
then
Code:
fastboot.exe devices
fastboot.exe flash recovery recovery.img
fastboot.exe boot recovery.img
I replaced their image file with TWRP latest
Always got the error during flashing "hello packet not....." Any solution
Aamirsingh said:
Always got the error during flashing "hello packet not....." Any solution
Click to expand...
Click to collapse
Make sure your device is redmi 3s/x
fxsheep said:
Make sure your device is redmi 3s/x
Click to expand...
Click to collapse
Successful
Could somebody provide us with a full eMMC backup of a 16GB and 32GB model so that we can build partition.xml and extract rawprogram0.xml and patch0.xml from it to unbrick our devices with QFIL/QPST?
(this issue is rather specific, you cannot access the phone by ADB,fastboot or LGUP, but Windows recognizes it as Qualcomm HS-USB QDLoader 9008 so it's fixable with the appropriate files)
qb74 said:
Could somebody provide us with a full eMMC backup of a 16GB and 32GB model so that we can build partition.xml and extract rawprogram0.xml and patch0.xml from it to unbrick our devices with QFIL/QPST?
(this issue is rather specific, you cannot access the phone by ADB,fastboot or LGUP, but Windows recognizes it as Qualcomm HS-USB QDLoader 9008 so it's fixable with the appropriate files)
Click to expand...
Click to collapse
I have no idea to make such a backup since I cannot access the device's emmc in Linux.
I've used this method on another phone but there I could access the emmc directly as external storage by using a key combo on boot.
Skickat från min Nexus 5X via Tapatalk
Nicktheprofessor said:
I have no idea to make such a backup since I cannot access the device's emmc in Linux.
I've used this method on another phone but there I could access the emmc directly as external storage by using a key combo on boot.
Skickat från min Nexus 5X via Tapatalk
Click to expand...
Click to collapse
here
it's for another chipset, but the same process applies for all chipsets.
qb74 said:
here
it's for another chipset, but the same process applies for all chipsets.
Click to expand...
Click to collapse
Can't help you with that one then since I'm running Linux on all my machines. Too bad, I wouldn't mind having a complete backup.
Skickat från min Nexus 5X via Tapatalk
Maybe the people with Linux machines and free time would wanna try this?
https://androidforums.com/threads/guide-how-to-create-partition-xml-gpt.1125433/
gogozombiii said:
Maybe the people with Linux machines and free time would wanna try this?
https://androidforums.com/threads/guide-how-to-create-partition-xml-gpt.1125433/
Click to expand...
Click to collapse
@Nicktheprofessor Try checking this out, if you got the time! You would help the community out a ton!
qb74 said:
@Nicktheprofessor Try checking this out, if you got the time! You would help the community out a ton!
Click to expand...
Click to collapse
I'll need an OTG storage device to do this. I can backup the entire thing using dd but it can't be written to the internal storage (for obvious reasons, it would then backup the backup and the backup of the backup and so on).
If I could access it on the computer or send it to the computer then that would work but I'm not aware of any way to do that without storing it locally first (which, as previously mentioned, is impossible to do).
[EDIT] I wonder if it's possible to use adb root pull from TWRP to pull /dev/mmcblk0, I'll try that after cleaning it up. If that works then it's a piece of cake to do this on any phone. [/EDIT]
qb74 said:
Could somebody provide us with a full eMMC backup of a 16GB and 32GB model so that we can build partition.xml and extract rawprogram0.xml and patch0.xml from it to unbrick our devices with QFIL/QPST?
(this issue is rather specific, you cannot access the phone by ADB,fastboot or LGUP, but Windows recognizes it as Qualcomm HS-USB QDLoader 9008 so it's fixable with the appropriate files)
Click to expand...
Click to collapse
OK, so I managed to do a complete backup via adb pull /dev/mmcblk0
For future reference, this is the easiest way:
From a fastboot boot twrp:
adb root
adb pull /dev/mmcblk0 emmc.img
Now, that's 13GB worth of data that you don't need, I can give you a part table on this (using part) or whatever you need but It's a bit too big to upload as is.
I can run an emulator and mount it as is and that works too but all I can extract from there is data.
Now, shutting down your device and inserting your USB cable while holding vol + AND vol- seems to mount emmc as portable storage, that should mean that you can dd the entire thing right onto the device?
Nicktheprofessor said:
OK, so I managed to do a complete backup via adb pull /dev/mmcblk0
For future reference, this is the easiest way:
From a fastboot boot twrp:
adb root
adb pull /dev/mmcblk0 emmc.img
Now, that's 13GB worth of data that you don't need, I can give you a part table on this (using part) or whatever you need but It's a bit too big to upload as is.
I can run an emulator and mount it as is and that works too but all I can extract from there is data.
Now, shutting down your device and inserting your USB cable while holding vol + AND vol- seems to mount emmc as portable storage, that should mean that you can dd the entire thing right onto the device?
Click to expand...
Click to collapse
Maybe? Not entirely sure if the dd method could work since this kind of hardbrick literally bricks your phone if you don't have the right files. Great job on the backup though! Mind telling me the steps for dd-ing the entire thing onto my device?
Or better, create partition.xml and extract & upload rawprogram0.xml and patch0.xml so that I can use myself as a test dummy.
its a guide for linux systems, hopefully you can help us get one step closer to fixing our devices!
qb74 said:
Maybe? Not entirely sure if the dd method could work since this kind of hardbrick literally bricks your phone if you don't have the right files. Great job on the backup though! Mind telling me the steps for dd-ing the entire thing onto my device?
Or better, create partition.xml and extract & upload rawprogram0.xml and patch0.xml so that I can use myself as a test dummy.
its a guide for linux systems, hopefully you can help us get one step closer to fixing our devices!
Click to expand...
Click to collapse
Yeah, that doesn't help since it's made for extracting a partition.xml from a .KDZ where these partition files exist.
In a copy of your disk that doesn't exist, there isn't a file to copy and paste into that.
I can do the partition table and partition sectors if you want that but without knowing what is actually needed (as in the source code in the tool used to fix the device) I can't really help.
I'll check if i can put a device in that state and see what happens with the emmc connection.
Nicktheprofessor said:
Yeah, that doesn't help since it's made for extracting a partition.xml from a .KDZ where these partition files exist.
In a copy of your disk that doesn't exist, there isn't a file to copy and paste into that.
I can do the partition table and partition sectors if you want that but without knowing what is actually needed (as in the source code in the tool used to fix the device) I can't really help.
I'll check if i can put a device in that state and see what happens with the emmc connection.
Click to expand...
Click to collapse
Get the partition table and partition sectors, that's a start! (even though I got no clue how to continue after that )
Do you mean the source code of QPST/QFIL? That's a rather impossible task though
qb74 said:
Get the partition table and partition sectors, that's a start! (even though I got no clue how to continue after that )
Do you mean the source code of QPST/QFIL? That's a rather impossible task though
Click to expand...
Click to collapse
I'm talking about the source code of the programming tool but I might not need that either if i can just examine it on my own and I have one of those devices on hand come tuesday.
I'm fairly confident that I can build a programmer to rewrite the emmc with whatever I want it to if i can just get a hold of the system calls.
Do you want to work together on this? It seems to me that it would be worthwhile even in the long run as QC are unlikely to change this procedure.
Nicktheprofessor said:
I'm talking about the source code of the programming tool but I might not need that either if i can just examine it on my own and I have one of those devices on hand come tuesday.
I'm fairly confident that I can build a programmer to rewrite the emmc with whatever I want it to if i can just get a hold of the system calls.
Do you want to work together on this? It seems to me that it would be worthwhile even in the long run as QC are unlikely to change this procedure.
Click to expand...
Click to collapse
Absolutely! Even though I don't have the necessary knowledge with Android/Linux, I do have basic Windows knowledge. I'd be glad to help out the community as a whole!
bump!
qb74 said:
Could somebody provide us with a full eMMC backup of a 16GB and 32GB model so that we can build partition.xml and extract rawprogram0.xml and patch0.xml from it to unbrick our devices with QFIL/QPST?
(this issue is rather specific, you cannot access the phone by ADB,fastboot or LGUP, but Windows recognizes it as Qualcomm HS-USB QDLoader 9008 so it's fixable with the appropriate files)
Click to expand...
Click to collapse
i just found for the nexus 5x the lg tot firmware u can use it to make the partition.xml
lg h791 16g
drive.google.com/uc?id=0B89Fk5GHkvZqb3I3bV9rTksxZFE&export=download
lg h791 32g
cloud.mail.ru/public/G1bp/vhoVk1MwW
i used BoardDiag to extract the frimware
drive.google.com/file/d/0Bw1P9EP0d9nZY0FUall1VWVvc0k/view
and here is how to build partition.xml and extract rawprogram0.xml and patch0.xml from it
youtube.com/watch?v=BmAuzbG9re4
now we need prog emmc firehose 8992.mbn to use with QFIL/QPST
i hope u can find a solution i'm stuck with a dead nexus 5x for the moment
do you need h798 16G version dd image? if you need I can dump to you
---------- Post added at 09:17 AM ---------- Previous post was at 08:40 AM ----------
Nicktheprofessor said:
OK, so I managed to do a complete backup via adb pull /dev/mmcblk0
For future reference, this is the easiest way:
From a fastboot boot twrp:
adb root
adb pull /dev/mmcblk0 emmc.img
Now, that's 13GB worth of data that you don't need, I can give you a part table on this (using part) or whatever you need but It's a bit too big to upload as is.
I can run an emulator and mount it as is and that works too but all I can extract from there is data.
Now, shutting down your device and inserting your USB cable while holding vol + AND vol- seems to mount emmc as portable storage, that should mean that you can dd the entire thing right onto the device?
Click to expand...
Click to collapse
adb pull /dev/mmcblk0 emmc.img
this command does not work
first there no device /dev/mmcblk0 but in /dev/block/mmcblk0 second adb pull /dev/block/mmcblk0 emmc.img does not work.
F:\BaiduNetdiskDownload>adb pull /dev/mmcblk0 emmc.img
adb: error: remote object '/dev/mmcblk0' does not exist
youxiaojie said:
do you need h798 16G version dd image? if you need I can dump to you
---------- Post added at 09:17 AM ---------- Previous post was at 08:40 AM ----------
adb pull /dev/mmcblk0 emmc.img
this command does not work
first there no device /dev/mmcblk0 but in /dev/block/mmcblk0 second adb pull /dev/block/mmcblk0 emmc.img does not work.
F:\BaiduNetdiskDownload>adb pull /dev/mmcblk0 emmc.img
adb: error: remote object '/dev/mmcblk0' does not exist
Click to expand...
Click to collapse
You need to reboot to a TWRP (or whatever recovery that supports unencrypted storage) that supports unencrypted devices before you attempt it.
You have to do this through fastboot boot recovery.img and not through flashing it. You are correct about /dev/block/mmcblk0 though. My apologies for the confusion caused by that.
I got it
Nicktheprofessor said:
You need to reboot to a TWRP (or whatever recovery that supports unencrypted storage) that supports unencrypted devices before you attempt it.
You have to do this through fastboot boot recovery.img and not through flashing it. You are correct about /dev/block/mmcblk0 though. My apologies for the confusion caused by that.
Click to expand...
Click to collapse
after formatting data partition, I removed whole disk encrypt and success run "adb pull /dev/block/mmcblk0 emmc.img" command.
https://pan.baidu.com/s/1bpcvqV1
and do I used "adb push emmc.img /dev/block/mmcblk0" to recover whole emmc when my phone soft bricked?
youxiaojie said:
after formatting data partition, I removed whole disk encrypt and success run "adb pull /dev/block/mmcblk0 emmc.img" command.
https://pan.baidu.com/s/1bpcvqV1
and do I used "adb push emmc.img /dev/block/mmcblk0" to recover whole emmc when my phone soft bricked?
Click to expand...
Click to collapse
file is not working, getting a error when unzipping it
qb74 said:
file is not working, getting a error when unzipping it
Click to expand...
Click to collapse
https://mega.nz/#!Oo9DxJyL!rzFl_s2ie1frCr79TpYTYKoeXNwg78d5dc-a71bkInE
try this again